Free EMR Newsletter Want to get the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your inbox? Join thousands of healthcare pros who subscribe to EMR and HIPAA for FREE!
    Email Address:
We never sell or give away your contact information. Our reader's trust comes first.

September 19, 2006

OnScreen Keyboards Defeated by Trojan Horse

Written by:
Filed under: add to del.icio.us

        

Wow, a new Trojan was created that is able to defeat an OnScreen keyboard. People are so creative.

Today we will analyze a new banking trojan that is a qualitative step forward in the dangerousness of these specimens and a new turn of the screw in the techniques used to defeat virtual keyboards. The novelty of this trojan lies in its capacity to generate a video clip that stores all the activity onscreen while the user is authenticating to access his electronic bank.

The video clip covers only a small portion of the screen, using as reference the cursor, but it is large enough so that the attacker can watch the legitimate user’s movements and typing when using the virtual keyboard, so that he gets the username and password without going into further trouble.

Luckily I haven’t seen too many OnScreen keyboards out there. My bank is using a 2 factor authentication which is more secure in my opinion. As long as you remember the 2 factors.

Look for similar articles under these categories: 

No responses to "OnScreen Keyboards Defeated by Trojan Horse"

Comments are closed.

Top - Home